As of nixos/binfmt: Add option to use static emulators when available by jcaesar · Pull Request #334859 · NixOS/nixpkgs · GitHub
Setting:
boot.binfmt = {
emulatedSystems = [ "aarch64-linux" ];
preferStaticEmulators = true; # Make it work with Docker
};
Just Works™
Unfortunately that is not on stable yet, but the following works on stable (using the fixed unstable packages as pkgsUnstable
):
boot.binfmt =
let
system = "aarch64-linux";
in
{
emulatedSystems = [ system ];
registrations.${system} = {
interpreter = (pkgsUnstable.lib.systems.elaborate { inherit system; }).emulator pkgsUnstable.pkgsStatic;
fixBinary = true;
};
};
Either way (stable or unstable), setting registrations.aarch64-linux.matchCredentials = true
will typically be useful as well if using suid binaries.